CISAKevBot
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild: the Known Exploited Vulnerability (KEV) catalog. CISA strongly recommends all organizations review and monitor the KEV catalog and prioritize remediation of the listed vulnerabilities to reduce the likelihood of compromise by known threat actors.
Fediverse name: Text copied!
Fediverse URL: Text copied!
Feed URL: https://rud.is/cisa-kev.rssWebsite: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Refreshed at: 6/15/2026, 9:47:52 AM
Entries
- 2025-11-12: [CVE-2025-12480] Gladinet Triofox Improper Access Control Vulnerability
Posted at: 3/4/2026, 1:41:49 AM - 2025-11-12: [CVE-2025-62215] Microsoft Windows Race Condition Vulnerability
Posted at: 3/4/2026, 1:41:49 AM - 2025-11-12: [CVE-2025-9242] WatchGuard Firebox Out-of-Bounds Write Vulnerability
Posted at: 3/4/2026, 1:41:49 AM - 2025-11-10: [CVE-2025-21042] Samsung Mobile Devices Out-of-Bounds Write Vulnerability
Posted at: 3/4/2026, 1:41:49 AM - 2025-11-04: [CVE-2025-48703] CWP Control Web Panel OS Command Injection Vulnerability
Posted at: 3/4/2026, 1:41:49 AM - 2025-11-04: [CVE-2025-11371] Gladinet CentreStack and Triofox Files or Directories Accessible to External Parties Vulnerability
Posted at: 3/4/2026, 1:41:49 AM - 2025-10-30: [CVE-2025-41244] Broadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability
Posted at: 10/30/2025, 7:33:04 PM - 2025-10-30: [CVE-2025-24893] XWiki Platform Eval Injection Vulnerability
Posted at: 10/30/2025, 7:33:04 PM - 2025-10-28: [CVE-2025-6204] Dassault Systèmes DELMIA Apriso Code Injection Vulnerability
Posted at: 10/28/2025, 7:28:08 PM - 2025-10-28: [CVE-2025-6205] Dassault Systèmes DELMIA Apriso Missing Authorization Vulnerability
Posted at: 10/28/2025, 7:28:08 PM